CVE Catalog

CVE-2026-56074

MediumCVSS 5.5
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.12%

2th percentile — higher than 2% of all known CVEs

Summary

PraisonAI versions before 1.5.128 cache tool approval decisions based only on tool name, not invocation arguments, allowing subsequent execute_command calls to bypass approval prompts.

Risk Assessment

Attackers can exploit this vulnerability by obtaining initial approval for a benign command, then silently exfiltrate API keys and credentials via subsequent shell commands without user consent.

Recommendation

It is recommended to upgrade to version 1.5.128 or later to mitigate this vulnerability and implement additional verification mechanisms for execute_command calls.

Original NVD description (English source)

PraisonAI before 1.5.128 caches tool approval decisions by tool name only, not by invocation arguments, allowing subsequent execute_command calls to bypass approval prompts. Attackers can exploit this by obtaining initial approval for a benign command, then silently exfiltrate API keys and credentials via subsequent shell commands without user consent.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS